Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/APHuB3hO7KoWCyONTS8iQQljQF0.roa
File: APHuB3hO7KoWCyONTS8iQQljQF0.roa (raw, json)
Hash identifier: F+Xxemk97+LQ6Z/1ZybIvUKVhgACnba1FiCkaxRpaeY=
Subject key identifier: 00:F1:EE:07:78:4E:EC:AA:16:0B:23:8D:4D:2F:22:41:09:63:40:5D
Certificate issuer: /CN=60635e04c34c2f781ee980a1651ff66e5132bc44
Certificate serial: 018C1F54359E507D6F4840ACD97810A71D2E
Authority key identifier: 60:63:5E:04:C3:4C:2F:78:1E:E9:80:A1:65:1F:F6:6E:51:32:BC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGNeBMNML3ge6YChZR_2blEyvEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/APHuB3hO7KoWCyONTS8iQQljQF0.roa
Signing time: Thu 30 Nov 2023 08:24:21 +0000
ROA not before: Thu 30 Nov 2023 08:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49788
IP address blocks: 185.57.252.0/22 maxlen: 22
84.243.128.0/18 maxlen: 24
2a02:6060::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:54:35:9e:50:7d:6f:48:40:ac:d9:78:10:a7:1d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60635e04c34c2f781ee980a1651ff66e5132bc44
Validity
Not Before: Nov 30 08:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00f1ee07784eecaa160b238d4d2f22410963405d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:7e:e8:1d:f1:91:42:98:8a:8e:69:e3:8a:
ef:b4:69:f4:fa:ef:ae:d8:c9:b1:29:7c:ba:3d:3d:
8a:b3:db:b8:ca:d9:0a:6f:c0:b5:05:dc:08:e3:6d:
f5:9d:aa:84:75:07:45:ef:21:c8:fc:d1:e6:e7:77:
2b:d8:be:f5:82:6a:22:42:55:36:07:71:05:de:d9:
69:2e:3e:1f:f6:98:fb:ef:26:d4:ff:bb:65:35:c4:
44:94:bf:a3:b8:4e:c6:eb:76:92:d2:af:6e:13:a2:
f1:20:35:e6:82:d8:11:f4:19:65:76:81:9f:88:50:
3c:43:fe:ca:82:6b:43:92:27:43:d0:b9:ed:28:01:
0c:a4:78:af:ae:65:93:b6:01:91:27:75:e4:5a:5a:
ed:23:ef:a2:d0:04:23:86:dd:5c:b0:f3:41:99:93:
1d:69:6d:d3:8c:60:67:59:85:22:22:bf:33:d4:88:
c9:4a:72:6b:34:91:4c:11:50:76:2f:f2:1f:b9:35:
94:07:cc:ce:2c:9c:1a:aa:7b:a2:49:9c:06:00:3d:
19:37:01:e7:0d:ce:55:e7:b5:43:bc:f3:89:34:f9:
98:15:df:67:4d:d0:1a:b4:c9:7f:51:ce:1c:36:cb:
5f:e4:c9:cb:c9:29:d8:b2:6a:4e:b9:11:7b:bc:32:
30:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F1:EE:07:78:4E:EC:AA:16:0B:23:8D:4D:2F:22:41:09:63:40:5D
X509v3 Authority Key Identifier:
keyid:60:63:5E:04:C3:4C:2F:78:1E:E9:80:A1:65:1F:F6:6E:51:32:BC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGNeBMNML3ge6YChZR_2blEyvEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/APHuB3hO7KoWCyONTS8iQQljQF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/99286a-45b3-4cee-8db5-937081a9cefa/1/YGNeBMNML3ge6YChZR_2blEyvEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.128.0/18
185.57.252.0/22
IPv6:
2a02:6060::/32
Signature Algorithm: sha256WithRSAEncryption
3f:94:e0:ea:6e:f6:0d:c3:b6:9c:d4:d3:cb:ea:07:04:83:79:
2d:8c:db:67:79:65:20:62:38:79:f6:b6:83:2a:7d:bd:63:f1:
75:c0:65:4a:03:00:e2:c4:64:d5:d1:92:22:b2:2d:19:dc:c6:
03:1b:12:e7:2a:26:69:f7:d8:f4:f9:37:53:91:7c:1b:c2:74:
c3:a5:7b:2a:de:e2:45:fc:3f:ec:51:d8:e3:4e:c4:14:88:d2:
9f:35:b7:f2:90:60:10:86:f5:49:28:7c:04:ef:76:56:08:7e:
ae:78:ab:c3:b7:42:90:39:42:27:47:6a:a5:26:bb:2f:77:45:
99:01:ee:1c:26:85:c2:b1:ff:a8:5a:ee:14:7c:da:93:5d:e6:
9c:9c:f2:87:7e:95:cd:17:10:43:e0:b3:9f:7c:84:e6:05:82:
90:82:13:d1:6e:c8:3d:a2:7f:63:0e:2e:8a:30:2e:46:a0:92:
47:a9:da:a5:18:88:a4:57:e0:24:25:0a:f6:50:8f:e9:52:ce:
f2:c5:6a:58:4b:39:be:ab:b3:d2:97:40:9a:eb:3c:fe:8d:d5:
f8:82:c6:a2:35:6d:5c:68:be:24:e2:18:5f:28:78:7c:e3:86:
8b:a2:a3:cb:ae:1e:45:0b:21:12:16:4d:6a:08:67:0e:18:f5:
78:cc:f6:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwfVDWeUH1vSECs2XgQpx0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjM1ZTA0YzM0YzJmNzgxZWU5ODBhMTY1MWZmNjZlNTEz
MmJjNDQwHhcNMjMxMTMwMDgyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGYxZWUwNzc4NGVlY2FhMTYwYjIzOGQ0ZDJmMjI0MTA5NjM0MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLp+6B3xkUKYio5p44rvtGn0+u+u
2MmxKXy6PT2Ks9u4ytkKb8C1BdwI4231naqEdQdF7yHI/NHm53cr2L71gmoiQlU2
B3EF3tlpLj4f9pj77ybU/7tlNcRElL+juE7G63aS0q9uE6LxIDXmgtgR9BlldoGf
iFA8Q/7KgmtDkidD0LntKAEMpHivrmWTtgGRJ3XkWlrtI++i0AQjht1csPNBmZMd
aW3TjGBnWYUiIr8z1IjJSnJrNJFMEVB2L/IfuTWUB8zOLJwaqnuiSZwGAD0ZNwHn
Dc5V57VDvPOJNPmYFd9nTdAatMl/Uc4cNstf5MnLySnYsmpOuRF7vDIwnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFADx7gd4TuyqFgsjjU0vIkEJY0BdMB8GA1UdIwQY
MBaAFGBjXgTDTC94HumAoWUf9m5RMrxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdOZUJNTk1MM2dlNllDaFpSXzJibEV5dkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85OTI4NmEtNDViMy00Y2VlLThkYjUt
OTM3MDgxYTljZWZhLzEvQVBIdUIzaE83S29XQ3lPTlRTOGlRUWxqUUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85OTI4NmEtNDViMy00Y2VlLThkYjUtOTM3MDgxYTljZWZh
LzEvWUdOZUJNTk1MM2dlNllDaFpSXzJibEV5dkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGVPOAAwQC
uTn8MA0EAgACMAcDBQAqAmBgMA0GCSqGSIb3DQEBCwUAA4IBAQA/lODqbvYNw7ac
1NPL6gcEg3ktjNtneWUgYjh59raDKn29Y/F1wGVKAwDixGTV0ZIisi0Z3MYDGxLn
KiZp99j0+TdTkXwbwnTDpXsq3uJF/D/sUdjjTsQUiNKfNbfykGAQhvVJKHwE73ZW
CH6ueKvDt0KQOUInR2qlJrsvd0WZAe4cJoXCsf+oWu4UfNqTXeacnPKHfpXNFxBD
4LOffITmBYKQghPRbsg9on9jDi6KMC5GoJJHqdqlGIikV+AkJQr2UI/pUs7yxWpY
Szm+q7PSl0Ca6zz+jdX4gsaiNW1caL4k4hhfKHh844aLoqPLrh5FCyESFk1qCGcO
GPV4zPYb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:26 2024 by rpki-client on console-fra.rpki-client.org